<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; ">In wpa_supplicant version 0.5.4, <DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>the file events.c, </DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>the function wpa_supplicant_event_disassoc() </DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s)</DIV><DIV>{</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>const u8 *bssid;</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>/*</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> * At least Host AP driver and a Prism3 card seemed to be</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> * generating streams of disconnected events when configuring</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> * IBSS for WPA-None. 
Ignore them for now.</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> */</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_printf(MSG_DEBUG, "Disconnect event - ignore in "</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                        </SPAN> "IBSS/WPA-None mode");</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>return;</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>}</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE &&</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN> wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - "</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                        </SPAN>"pre-shared key may be incorrect");</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>}</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_s->wpa_state >= WPA_ASSOCIATED)</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_supplicant_req_scan(wpa_s, 0, 100000);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>bssid = wpa_s->bssid;</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>bssid = wpa_s->pending_bssid;</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>wpa_blacklist_add(wpa_s, bssid);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        
</SPAN>wpa_sm_notify_disassoc(wpa_s->wpa);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>wpa_supplicant_mark_disassoc(wpa_s);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "- Disconnect event - "</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>"remove keys");</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_supplicant_dynamic_keys(wpa_s)) {</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_s->keys_cleared = 0;</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_clear_keys(wpa_s, wpa_s->bssid);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>}</DIV><DIV>}</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>However, the function, wpa_supplicant_mark_disassoc() ends up setting the field wpa_s->bssid to all zeros (00:00:00:00:00:00). When you call wpa_clear_keys() after this, the PTK is not really cleared. 
This leads to the inability to renegotiate WPA PTK, because the message 2/4 will go out encrypted and the authenticator will never get the message.</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>Changing the call to use a cached version of the BSSID held by wpa_supplicant_event_disassoc() corrects this issue.</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s)</DIV><DIV>{</DIV><DIV>-<SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>const u8 *bssid;</DIV><DIV>+<SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>u8 bssid[ETH_ALEN];</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>/*</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> * At least Host AP driver and a Prism3 card seemed to be</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> * generating streams of disconnected events when configuring</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> * IBSS for WPA-None. 
Ignore them for now.</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN> */</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_printf(MSG_DEBUG, "Disconnect event - ignore in "</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                        </SPAN> "IBSS/WPA-None mode");</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>return;</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>}</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE &&</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN> wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - "</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                        </SPAN>"pre-shared key may be incorrect");</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>}</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_s->wpa_state >= WPA_ASSOCIATED)</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_supplicant_req_scan(wpa_s, 0, 100000);</DIV><DIV>-<SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>bssid = wpa_s->bssid;</DIV><DIV>+<SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>memcpy( bssid, wpa_s->bssid, ETH_ALEN);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)</DIV><DIV>-<SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>bssid = wpa_s->pending_bssid;</DIV><DIV>+<SPAN class="Apple-tab-span" style="white-space:pre">                
</SPAN>memcpy( bssid, wpa_s->pending_bssid, ETH_ALEN);</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>wpa_blacklist_add(wpa_s, bssid);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>wpa_sm_notify_disassoc(wpa_s->wpa);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>wpa_supplicant_mark_disassoc(wpa_s);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "- Disconnect event - "</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>"remove keys");</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (wpa_supplicant_dynamic_keys(wpa_s)) {</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_s->keys_cleared = 0;</DIV><DIV>-<SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_clear_keys(wpa_s, wpa_s->bssid);</DIV><DIV>+<SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>wpa_clear_keys(wpa_s, bssid);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>}</DIV><DIV>}</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>I also think it would be more optimal to do this;</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>memcpy( bssid, wpa_s->pending_bssid, ETH_ALEN);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>else</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>memcpy( bssid, wpa_s->bssid, ETH_ALEN);</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>rather than this</DIV><DIV><BR 
class="khtml-block-placeholder"></DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>memcpy( bssid, wpa_s->bssid, ETH_ALEN);</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">        </SPAN>if (memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)</DIV><DIV><SPAN class="Apple-tab-span" style="white-space:pre">                </SPAN>memcpy( bssid, wpa_s->pending_bssid, ETH_ALEN);</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV><BR><DIV> <SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><DIV>Thanks,</DIV><DIV>Chris</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>-- </DIV><DIV>Chris Zimmermann</DIV><DIV><A href="mailto:cbzimmermann@mac.com">cbzimmermann@mac.com</A></DIV><DIV><BR class="khtml-block-placeholder"></DIV><BR class="Apple-interchange-newline"></SPAN> </DIV><BR></DIV></BODY></HTML>
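Review bot: The new local buffer `u8 bssid[ETH_ALEN];` carries no comment explaining why the address is copied rather than pointed at, so a later cleanup could turn it back into `const u8 *bssid` and reintroduce the bug. A one-line comment at the declaration, saying that wpa_supplicant_mark_disassoc() zeroes wpa_s->bssid before wpa_clear_keys() runs, would document the dependency. On style, the added calls are written `memcpy( bssid, ...` with a space after the parenthesis, while the neighbouring `memcmp(bssid, ...` has none. The if/else form proposed at the end of the mail also avoids copying twice when wpa_s->bssid is zero, so it would be the better version to submit.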
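Review bot: In the last changed line, `wpa_clear_keys(wpa_s, bssid);`, the address is now whatever the earlier fallback selected, so when wpa_s->bssid is all zeros on entry the keys are cleared against wpa_s->pending_bssid, and if pending_bssid is also zero the call still receives an all-zero address. Please confirm that clearing against pending_bssid is intended, and consider checking for the all-zero case before the call, since the mail states that clearing with a zero BSSID does not remove the PTK.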
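The ordering problem described in the mail, as an added stand-alone model that is not wpa_supplicant code: `struct sta`, `mark_disassoc()`, `clear_keys()` and the sample address are constructed for illustration, and the rule that a pairwise key is removed only when the address matches is an assumption about the driver.

```c
#include <stdio.h>
#include <string.h>

#define ETH_ALEN 6
typedef unsigned char u8;

/* Toy stand-in for supplicant state plus one driver pairwise-key slot. */
struct sta {
	u8 bssid[ETH_ALEN];
	u8 key_peer[ETH_ALEN];	/* address the PTK was installed for */
	int key_installed;
};

/* Models the side effect the mail describes: the current BSSID is zeroed. */
static void mark_disassoc(struct sta *s)
{
	memset(s->bssid, 0, ETH_ALEN);
}

/* Assumption: the pairwise key is removed only when the address matches. */
static void clear_keys(struct sta *s, const u8 *addr)
{
	if (s->key_installed && memcmp(addr, s->key_peer, ETH_ALEN) == 0)
		s->key_installed = 0;
}

/* Returns 1 if the PTK is still installed after the disconnect handling. */
static int ptk_left_after_disassoc(int use_snapshot)
{
	/* Constructed sample AP address (locally administered). */
	static const u8 ap[ETH_ALEN] = { 0x02, 0x00, 0x00, 0xaa, 0xbb, 0xcc };
	struct sta s;
	u8 saved[ETH_ALEN];

	memcpy(s.bssid, ap, ETH_ALEN);
	memcpy(s.key_peer, ap, ETH_ALEN);
	s.key_installed = 1;

	memcpy(saved, s.bssid, ETH_ALEN);	/* copy taken before the reset */
	mark_disassoc(&s);
	/* Unpatched order reads the zeroed field; the fix passes the copy. */
	clear_keys(&s, use_snapshot ? saved : s.bssid);
	return s.key_installed;
}

int main(void)
{
	printf("field read after reset: PTK left = %d\n", ptk_left_after_disassoc(0));
	printf("snapshot before reset:  PTK left = %d\n", ptk_left_after_disassoc(1));
	return 0;
}
```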